WO 2004/111752 



PCT/NL2004/000422 



1/7 


















68 



72 



Either decryption key or other 
number that identifies BIOS is 
used to decrypt table 



AUTHENTICATION SOFTWARE 



Collect data: A) fixed
component, B) Variable
component, C) System trace
component and optionally D)
PIN-code

66 Perform hashing, bit
string results. Bit string is
translated into pointers.



Encrypt table again 




pointers from table using



Collect System Trace data
component and Variable data
component and add digital
signature. Hand over to Third
Party Application

FIG. 6

(Third Party) Application



Receive request for digital

BIOS if Authentication
Software is installed and
running

Start transaction by handing
over transaction ID

Store digital sign together
with Variable data components
other identifying data

AUTHENTICATION SOFTWARE

Confirm or deny (in case of
denial: Application reroutes
BIOS to TTP cf. cell 24 (Fig

Generate a digital signature cf. Fig.



Embed digital signature in the 
requested digital file the 



Transfer digital file to
requesting application.

FIG. 7



Digitally Signed 
Application 



Started 



Request BIOS to regenerate
digital signature



transfer digital signature and
data components originally
used to generate embedded
digital signature

Upon verification of the
digital signature, the
application starts.

Regenerate a digital signature cf. Fig 6

Compare embedded and
regenerated digital signatures

On-line Application



BIOS 



AUTHENTICATION SOFTWARE 



Receive request for 
transaction 



Request BIOS if Authentication
Software is installed and
running

Start transaction by handing
over a transaction ID

Confirm or deny (in case of
denial: Application reroutes
BIOS to TTP cf. cell 24 (Fig.

Generate a digital sign cf. Fig. 6

FIG. 9



User application 



Access digital data 




AUTHENTICATION SOFTWARE 



Authentication software
started

Decrypt first encryption layer

Collect data and generate
decryption key

Decrypt second encryption
layer using decryption key

Provide data to user
application